<?php  
 function Error()
 {
 	 header("location:index.php");
	 die();  	
 }
 ob_start(); 
 // Convertimos a MD5
 $pass_md5="";
 $user="";
 if(! empty($_POST['pass']))
 {	 
	 $pass_md5=md5($_POST['pass']);
 }
 else
 {	 
	Error(); 
 }  

 include("dbconnect.php");

 $user=$_POST['usuario'];
 $user= stripslashes($user);
 $user = mysql_real_escape_string($user);
 $sql="SELECT *
 	FROM USUARIOS 
	WHERE
		USUARIO=UPPER('$user') AND
		PASS='$pass_md5' AND
		ID_STATUS=1 AND
		ACTIVO=0";
 $result=mysql_query($sql);
 $count=mysql_num_rows($result);
 if($count!=0)
 {	
 	 session_start();
	 $_SESSION['user']=$user;
	 session_register("user");	
	 header("location:Admin_main.php");
 }
 else
 {	
	Error();	 	
 }
  ob_end_flush();
 ?>
 